Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Breaches

Logitech Confirms Data Breach Following Designation as Oracle Hack Victim

Logitech was listed on the Cl0p ransomware leak website in early November, but its disclosure does not mention Oracle.

Logitech Oracle hack

Logitech disclosed a data breach shortly after it was named as a victim of the recent hacking and extortion campaign targeting customers of Oracle’s E-Business Suite (EBS) enterprise resource planning solution.

In a Friday filing with the SEC, the consumer electronics giant said it recently experienced a cybersecurity incident that involved data exfiltration.

“While the investigation is ongoing, at this time, Logitech believes that the unauthorized third party used a zero-day vulnerability in a third-party software platform and copied certain data from the internal IT system,” Logitech said.

“The data likely included limited information about employees and consumers and data relating to customers and suppliers. Logitech does not believe any sensitive personal information, such as national ID numbers or credit card information, was housed in the impacted IT system,” it added.

The company noted that products, business operations, or manufacturing were not impacted, and it does not believe the incident will have a material impact on its financial condition or results of operations. 

“Logitech maintains a comprehensive cybersecurity insurance policy, which we expect will, subject to policy limits and deductibles, cover costs associated with incident response and forensic investigations, as well as business interruptions, legal actions and regulatory fines, if any,” the company said. 

Advertisement. Scroll to continue reading.

While Logitech has not named the third-party platform targeted in the zero-day attack, the disclosure comes after the company was named on the Cl0p ransomware leak website as a victim of the Oracle EBS campaign

Logitech was listed on the Cl0p site in early November. After repeated requests for comment from SecurityWeek, the company responded on November 10 to say that it’s not commenting on the matter. 

The cybercriminals have leaked 1.8 TB worth of archive files allegedly storing information stolen from Logitech. 

Over 50 victims have been named to date on the Cl0p website, including major companies. Some organizations, such as The Washington Post, Hitachi subsidiary GlobalLogic, Harvard University, and American Airlines subsidiary Envoy Air, have confirmed being impacted.

It’s still not clear which Oracle EBS zero-days have been exploited in the campaign claimed by Cl0p, but the main candidates are CVE-2025-61884 and CVE-2025-618842.

While Cl0p has been the public-facing entity, the cybersecurity community has linked the campaign to an unknown cluster of the threat actor tracked as FIN11, which was also responsible for similar operations targeting customers of Cleo, MOVEit, and Fortra file transfer products.     

Related: NHS Investigating Oracle EBS Hack Claims as Hackers Name Over 40 Alleged Victims

Related: Industrial Giants Schneider Electric and Emerson Named as Victims of Oracle Hack

Related: Sophisticated Malware Deployed in Oracle EBS Zero-Day Attacks

Written By

Eduard Kovacs (@EduardKovacs) is senior managing editor at SecurityWeek. He worked as a high school IT teacher before starting a career in journalism in 2011. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more.

Register

This year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments.

Register

People on the Move

James Phillips has been promoted to the role of Vice President, Cybersecurity Risk Management at AT&T.

Rafal Los has joined Binary Defense as Chief Strategy Officer.

Tracey Mustacchio has joined Everfox as Chief Marketing Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.